Kryptos Logic, the cyber-security firm running the main WannaCry sinkhole, announced today plans to allow organizations access to some of the WannaCry sinkhole data.
The security firm cites recurring WannaCry ransomware infections that are still taking place at various companies, even eleven months after the first WannaCry outbreak in May 2017. For example, Boeing, Connecticut state agencies, Honda, and Victoria state police suffered WannaCry infections long after Kryptos Logic researcher Marcus "MalwareTech" Hutchins registered the WannaCry killswitch domain, effectively stopping the global outbreak on May 12, last year.Read more
A Boeing production plant in Charleston, South Carolina was hit by the WannaCry ransomwear cyberattack on Wednesday. Mike VanderWel, the chief engineer at Boeing Commercial Airplane production engineering, sent out a company-wide memo calling for “all hands on deck.”
“It is metastasizing rapidly out of North Charleston and I just heard 777 may have gone down,” reads VanderWel’s memo. The company worries the virus may hit equipment used in functional airplane tests, which could lead to it spreading to airplane software. WannaCry, which the Trump administration blames on the cyberterrorism unit of North Korea as of December 2017, attacked mainly via a critical Windows vulnerability.Read more
Britain said on Friday it believed North Korea was behind the “WannaCry” cyber attack in May that disrupted businesses and government services worldwide, including the National Health Service (NHS) in England.
Security Minister Ben Wallace said Britain believed “quite strongly” that the ransomware attack came from a foreign state. "North Korea was the state that we believe was involved in this worldwide attack on our systems," he told BBC radio. “We can be as sure as possible - I can’t obviously go into the detailed intelligence but it is widely believed in the community and across a number of countries that North Korea had taken this role.”Read more
It appears that the hackers behind the WannaCry ransomware may be back at work. LG's service centers in South Korea were reportedly hit by a ransomware attack earlier in the week, with authorities revealing that the ransomware's malicious code was "identical" to WannaCry.
Users of LG's South Korean self-service kiosks were reportedly experiencing issues accessing the service. The issue was then reported by LG to the state-run Korea Internet and Security Agency, who confirmed the ransomware attack. "More investigation is still needed to determine the exact cause," KISA said in a statement, the Korea Herald reported.Read more
More than £108,000 in bitcoin paid by victims of the WannaCry ransomware attack, which crippled parts of the NHS as well as businesses in 150 countries worldwide, has been withdrawn from the digital wallets the funds were being held in.
Nearly three months after the ransomware struck computers, locking up data, demanding ransoms and causing chaos in hospitals and firms including Spain’s Telefonica and FedEx, a total of £108,953 worth of bitcoin was withdrawn. The money, presumably moved by the hackers, was taken from three bitcoin wallets associated with WannaCry, according to tracking firm Elliptic.Read more
Honda Motor Company was forced to halt vehicle production this week after finding WannaCry ransomware in its plant computer network. Its Sayama Plant in northwest Tokyo has a daily output of roughly 1,000 vehicles, ranging from Accord to Odyssey models, but was closed down on Monday after the ransomware was discovered on Sunday 18 June.
While production has today continued, the data breach continues to prove the lasting effects of WannaCry. A spokesperson told the virus had affected networks across Japan, North America, Europe, China and other regions, despite efforts to secure its systems in mid-May when the virus caused widespread.Read more
The authors of the WannaCry malware are probably from the southern mainland, Hong Kong, Taiwan or Singapore, according to a US intelligence company. Forensic linguistic analysis on the malware suggested it was written by native Chinese-speaking people with southern accents.
In a report on its website, Flashpoint, which provides global business-risk intelligence, said it came to the conclusion with “high confidence”. Earlier reports based on code analysis suggested North Korean programmers at work. The WannaCry malware locked up data on infected computers and displayed a message in 28 languages demanding a ransom for restoration of the data.Read more
A digital worm powered by stolen National Security Agency software caused $1 billion in damages when it infected hundreds of thousands of computers in less than a week, a Florida digital security company says. And new attacks may be in the offing.
Hackers unleashed the worm, dubbed WannaCry, on May 12. Some 200,000 to 300,000 computers were affected in at least 150 countries. “The estimated damage caused by WannaCry in just the initial four days would exceed $1 billion, looking at the massive downtime caused for large organizations worldwide,” Stu Sjouwerman, chief executive at KnowBe4, a Clearwater, Florida, firm that helps firms avoid phishing efforts.Read more
The majority of machines hit by the WannaCry ransomware worm in the cyber-attack earlier this month were running Windows 7, security firms suggest. More than 97% of the infections seen by Kaspersky Lab and 66% of those seen by BitSight used the older software.
WannaCry started spreading in mid-May and, so far, has infected more than 200,000 computers around the world. In the UK, some hospitals had to turn away patients as the worm shut down computer systems. Many suggested that the reason UK hospitals suffered was because many of them still relied on programmes that required Windows XP - a version of Microsoft's OS that debuted in 2001.Read more